Participate

Press Releases

Ingrian Delivers Program to Help Achieve PCI Compliance

Ingrian Offering 30-Day Evaluation of DataSecure Platform to Demonstrate Benefits of Encryption and Help Merchants

Meet June 30 Deadline for Data ...

on 2005-06-06 07:05:30

Ingrian Offering 30-Day Evaluation of DataSecure Platform to Demonstrate Benefits of Encryption and Help Merchants

Meet June 30 Deadline for Data Protection

REDWOOD CITY, Calif.--June 6, 2005--Ingrian(TM) Networks, Inc., the leading provider of data privacy solutions, today announced a new program designed to provide enterprises with a fast, proven route to achieving compliance with the data-at-rest encryption rules of the Payment Card Industry (PCI) Data Security Standard. The program, provided in conjunction with AmbironTrustWave, a leading data security and compliance management firm, is structured to provide merchants with an evaluation of their existing encryption infrastructure, a 30-day free trial of Ingrian's DataSecure Platform, and best practices tutorials for achieving compliance.

"For many retailers, payment processors, and financial institutions, the end of the month will mark a deadline for meeting PCI data security mandates," said Karim Toubba, vice president of product management and marketing for Ingrian. "As the deadline nears for merchants to achieve PCI compliance and thefts of consumer data continue to increase, the need for fast, proven, and reliable encryption solutions are critical. We're pleased to offer these organizations a program for helping ensure the safety of their data by leveraging encryption."

The PCI Data Security Standard outlines best practices for securing credit card data that is stored, processed, or transmitted. PCI is a consolidated security standard backed by American Express, Discover, MasterCard, and Visa, among other card issuers. PCI lists 12 guidelines that many retailers, online merchants, data processors, and other businesses that handle credit card data will have to meet by June 30. The standard sets technology requirements such as the use of data encryption, end-user access control, and activity monitoring and logging. It also includes procedural mandates such as the need to implement formal security policies and vulnerability management programs.

The PCI standard requires companies to validate their compliance via a PCI-certified assessor either annually or quarterly, depending on their transaction levels. Banks that issue credit cards will be responsible for ensuring that companies comply with PCI and could face up to $500,000 in fines per incident if data is compromised.

Section 2 of the PCI standard, entitled "Protect Cardholder Data," refers to encryption as the "ultimate protection mechanism," and features a range of mandates, requiring:

Sensitive cardholder data to be unreadable anywhere it is stored.

The protection of encryption keys against both disclosure and misuse.

Split knowledge and dual control of keys.

Secure key storage.

Periodic key changes.

Ingrian DataSecure Platforms enable organizations to meet PCI's encryption requirements with unprecedented ease and cost-effectiveness. DataSecure is the only appliance-based encryption solution available today that features granular, field-level encryption capabilities and that can be integrated at the Web server, application server, or database layer. In addition, DataSecure centralizes cryptographic processing, key and policy management, and security administration, which yields tremendous advantages in terms of security, scalability, and manageability.

"We are committed to helping organizations achieve the highest levels of credit card security and have partnered with companies like Ingrian to ensure that our clients are receiving the best advice and gaining access to best-of-breed technologies," said Michael Petitti, Senior Vice President of Marketing for AmbironTrustWave. "We have helped thousands of clients become compliant and are hoping that this program will help additional merchants prepare for the deadline and ensure the security of their customers' information."

More information about this program can be found at www.ingrian.com/info/pci-program .

About DataSecure Platforms
Ingrian's DataSecure platforms provide an intelligent, cost-effective way to protect critical data from both internal and external threats. As a result, organizations can better ensure that they are compliant with legislative and policy mandates for security, and eliminate the risks of data thefts. Ingrian's breakthrough solution features dedicated hardware appliances and patent-pending cryptography software.

DataSecure offers flexible implementation options so organizations can deploy in a way that makes sense for their business and security needs -- whether at the Web, application, or database level. DataSecure platforms can be efficiently integrated in Windows, Java, Linux, and Unix environments, and they work seamlessly with leading databases -- including IBM DB2, Oracle, and SQL Server. DataSecure encrypts data in databases and applications at the column or field level, and can be used to secure such data as credit card numbers, social security numbers, passwords, account balances, and email addresses.

About Ingrian Networks
Ingrian Networks brings complete data privacy to the enterprise. With Ingrian DataSecure Platforms, organizations can protect critical data from both internal and external threats, and ensure compliance with legislative and policy mandates for security. DataSecure features a dedicated security appliance and specialized software that enables organizations to encrypt critical data in applications and databases. With its capabilities for granular encryption, seamless integration, and centralized security management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness. Ingrian is a privately held company backed by such investors as Globespan Capital Partners, HighBAR Ventures, Menlo Ventures, Partech International, and Prism Venture Partners. For more information, visit www.ingrian.com .

About AmbironTrustWave
AmbironTrustWave provides data security and compliance services to businesses that process, store and/or transmit credit card data. For banks, merchants and service providers, AmbironTrustWave mitigates risk by validating compliance with the Payment Card Industry Data Security Standard, which covers the information security requirements of American Express, Discover, MasterCard, Visa Canada and Visa USA. AmbironTrustWave serves more than 25,000 clients including financial organizations, global electronic exchanges, educational institutions, and business services firms. Headquartered in Chicago with offices throughout the United States, AmbironTrustWave's staff is composed of network and data security professionals who have substantial experience in delivering services to large and mid-sized companies.

Use of this site is governed by our Terms of Use and Privacy Policy.
Copyright 1996- Ziff Davis, LLC. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission
of Ziff Davis, LLC. is prohibited.PCMag Digital GroupAdChoice